Insert in to database

MySQL database
#1

hi forum,
i am new here and i read a lot be for i start a new topic my problem is i can not insert data from a php site in a mysql database( i am also a beginner in php i am follow a tutorial in youtube)

if i am try to insert data in my database only the field auto increment ID is effected and somethings else i not understand if i open the php form (simple one first name, last name, email, uid, pwd) the field uid and pwd is all ready fill out.

I know that you have to see the code! I can posted right here or other place?
it’s very nice if somebody guide a bit here.

in advanced many thank for your help and understanding

ignarein

dbh.inc.txt (177 Bytes)

insert.txt (593 Bytes)

signup.inc.txt (387 Bytes)

#2

The php variable that a form’s post data will be in is - $_POST[‘field_name_here’] with an under_score after the $.

It pays to read the introductory sections in the php.net documentation so that you will learn the basics of the php language and can identify if something you see on the web is correct or not.

You should also set up the php.ini on your development system with error_reporting set to E_ALL, display_errors set to ON, and output_buffering set to OFF. You should restart your web server to get any changes made to the php.ini to take effect. The missing underscore in the variable name would be producing undefined variable messages to help you locate the problem.

Next, your form processing code should -

  1. Detect that a post method form was submitted before referencing any of the form data.

  2. Validate all input data before using it. At a minimum, you should test that all ‘required’ fields are not empty. For something like a registration system, you would validate all the inputs to insert they consist of expected values and in the case of an email address that it is a properly formatted email address.

  3. You should NOT copy variables to other variables without a good reason. Each line of code you have that’s copying variables to other variables is a waste of typing time, wasted processing time, and adds an opportunity for typo errors.

  4. Should NOT put data directly into an sql query statement. You should use a prepared query, with a place-holder in the query for each data value, then supply the data when you execute the query. The php PDO extension is much simpler and more consistent to use than the mysqli extension, especially when using prepared queries.

  5. You should have error handling for all database statements (connection, query, prepare, and execute.) The simplest way of adding error handling is to just enable exceptions for the database extension you are using, and let php catch the exception where it will use its error_reporting, display_errors, and log_errors settings to control what happens with the actual error information.

  6. You should hash the password using php’s password_hash() function when you insert the data and use php’s password_verify() function when testing if an entered password matches the previously hashed value.

#3

hi phdr,

it works

many than’k for you also the other point i will follow

ignarein

Sponsor our Newsletter | Privacy Policy | Terms of Service